This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problem How in bobs name....

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi,

Im trying to get a 70-291 lab setup using virtual pc 2007 and its driving me crazy trying to get this setup working.

The only way I can get the pc to join the domain is if I set the DG on both the server and the virtual pc to 192.168.10.40, but then neither can get out to the internet.

If I set them to that of the router (192.168.10.23) then they can get to the internet, but cant see each other (must be a dns thing).

If I use the 'Local Only' setting on the virtual pc adapter then they cant see the internet
If I use the 'NAT' option setting on the virtual pc adapter then the routing between them and the internet still fails

I cant seem to get both communicating together and allow them access to the internet at the same time, and its driving me crackers.

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

You need to use the DNS on the server so that it's your clients DNS server (you would set up a forwarder so that the virtual DNS server would use your existing ISP DNS servers to look up anything it doesn't know about).

The default gateway HAS to be the router as that's your gateway out to the net.

To recap.

Use the DNS server on your server to provide name resolution, have it configured with your ISP's DNS servers as your forwarder. Configure your Router with the IP address of the Virtual server as your primary DNS, you could also issue your ISP's DNS server as your secondary lookup, saves you any sorts of issues if your DC is offline at all.

Do an IPCONFIG /RENEW (or /release and /renew) to get the new IP settings.

That should be it, you should be able to join the domain and still have name resolution working.

One other thing... in all honesty you would be better off using a secondary virtual machine as your workstation client rather than using your physical machine, why you ask? well if you start playing with GPO's etc you can cause all sorts of issues on your main machine but if it's a virtual then you can just revert your snapshots.

Virtual Server:
Set the DNS forwarder properties to be that of the ISP's Primary DNS Server

Wont this cause a potential loop?

Is there not a better way to do this without changing the DNS on my router, because when I dont have my virtual server launched, it will take longer to resolve addresses? I suppose I could change it back each time?

What would I then configure my virtual xp client to? Would I just use DHCP from the server, and let this take care of the default Gateway settings and dns

I havent yet changed the routers dns properties, and both Vserver and Vclient are talking fine, and both are accessing the internet.

Next thing I need to do is get the server to issue IP Addresses, currently the Vclient has been issued an IP address from the routers DHCP scope.

I think I will just set my physical pc with a static address and then disable the DHCP properties on my router, and allow my virtual server to deal with this.

Either that, or is there any fancy way that my router can still issue 192.168.10.1 to .40, and then have my Vserver issue .41 to xx
Then I need a way to make sure that the router doesnt issue the dhcp request.
Would the easiest way be to decrease the DHCP scope on the router, so it is fully utilised, forcing the server to offer?

On your virtual environment there is nothing stopping you having two NICs on the DC and using a completely different scope on your virtual environment (for instance a 10.x.x.x network), as long as your server has two nics (1 with the 10.x.x.x and the other with the 192.168.x.x) you should be able to segment your environments just fine.

As far as DNS queries go, if you notice the time between looking up your Server dns and your ISP's dns servers you're a better man than me, I should tell you that my router currently issues out two DNS servers, my DC and my ISP's. My DC is currently off (as is my entire virtualised environment) whilst I am waiting for a new display card for my SAN box. I don't notice the difference in lookups at all (after all it's a small environment).

I would also suggest that if you went down the route of segmented IP addressing you also setup your DHCP scope then, it's better to do that then start playing with your router unless you're really happy doing so. As far as I am concerned I know how my environment works and how to resolve issues should something fail (it can happen).

In your shoes however I would go with the segmented route and use the virtualised environment for testing and the physical environment for normal every day work, in my case it's all on the same lan segment but that's not a problem for me.

It's not a dual scope, the virtual lan will have the new dhcp scope whilst the server should have two static addresses, one internal to the virtual lan, the second from the physical lan. As far as the server goes, it will have to virtual nics, one of which would be set to local, the other bridged so that the local interface is purely on the 10.x network whilst the bridged one can see the router (and always use static addresses for servers, causes hell if you don't and an address changes later down the line, you learn that the hard way and it's a royal pain).

The local virtual network having a DHCP Scope of 172.16.16.1 /24 with DNS also configured on the virtual network.
IM then guessing the fact that the DG on the virtual side being bridged should then allow it access to the internet still?

I know its something obvious, but I have tried a number of combinations out and its still not working.

You would then have your clients using the 172.16.16.1 address as their default gateways.

You don't need to configure a gateway on the internal port on the server because the Route Mapping for any other traffic would already go out via 192.168.10.23 anyway.

As far as DNS goes, I would still leave it that it uses the internal server as the DNS server (on a single address, you don't want to start having 2 IP addresses and starting to confuse the situation) and have forwarders configured for your external ISPs DNS servers (again because of routing you only need to put the entry in, it 'should' find the route out).

That makes more sense, I have configured it in the way you suggest, but my virtual pc still struggles to obtain an ip via dhcp

VirtualServer
NIC 1:- Set to use physical NIC
IP: 192.168.10.40 /24
DG: 192.168.10.23
1st DNS: 172.16.16.1
2nd DNS: 194.168.4.100 **I have tried with and without this, when its without, I tried placing a forwarder)**

NIC 2:- Set to Local
IP: 172.16.16.1 /24
DNS: 172.16.16.1

THe server is running DHCP using the server IP 172.16.16.1. This is using a DHCP scope of 172.16.16.2-254
The server is also running DNS using the server IP 172.16.16.1 - I have removed all forwarders

VirtualPC
NIC 1: Set to Local
I have tried picking up a 172.16.16.x ip without configuring any properties, and I have also tried by adding 172.16.16.1 as the dns server.

Still no luck.

Im sure im obviously misunderstanding something here, so once again any help would be appreciated. I am going to watch a couple of videos on DNS as well because im sure its this thats causing most of the problems for me.

I hadn't authorised the DHCP server (I accidently deleted the server earlier, instead of the old scope). Thought I had re-authorised.

The virtual pc is now picking up an IP address from the DHCP pool, and its picking up the localised 172.16.16.1 default gateway as expected, along with the dns entry.

So now the virtual PC is able to ping both NIC's (172.16.16.1 & 192.168.10.40), but it cant ping the servers gateway on 192.168.1.23, or get to the internet?

Im guessing this is because the pc's dns server is 172.16.16.1 and this is a local virtual nic, so it wont have access out to the internet? Its not bridging the two networks.

Click to expand...

If you have configured the forwarder correctly then you will be able to get out to the internet correctly, have you made sure you don't have any issues with a firewall on your physical host?

Can you actually ping your physical host?

The idea of the second nic on the server is that it's acting as the gateway out to the other subnet, as long as you can ping the server from your physical machine and vice versa you 'should' be able to get out to everywhere, the only thing that would stop that would be a firewall.

I have tried setting the virtual server up with static dns entry of 172.16.16.1 (local virtual DNS server)
I have then tried setting the forwarder properties to 192.168.10.23 and the isp 194.x.x.x, as well as both and still no luck.

It must be a firewall issue.

I can ping from my physical host to the virtual servers interface on the same network, but not on the alternate network.

CertForums.com is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc. Cisco®, Cisco Systems®, CCDA™, CCNA™, CCDP™, CCNP™, CCIE™, CCSI™; the Cisco Systems logo and the CCIE logo are trademarks or registered trademarks of Cisco Systems, Inc. All other trademarks, including those of Microsoft, CompTIA, VMware, Juniper ISC(2), and CWNP are trademarks of their respective owners.